Lucene search
HackeroneCVELIST:CVE-2020-8294HistoryFeb 03, 2021 - 4:42 p.m.
CVE-2020-8294
2021-02-0316:42:57
CWE-79
hackerone
www.cve.org
A missing link validation in Nextcloud Server before 20.0.2, 19.0.5, 18.0.11 allows execution of a stored XSS attack using Internet Explorer when saving a ‘javascript:’ URL in markdown format.
CNA Affected
[
{
"product": "Nextcloud Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 20.0.2, 19.0.5, 18.0.11"
}
]
}
]Related
osv
osv
CVE-2020-8294
2021-02-03 17:15:16
prion
prion
Format string
2021-02-03 17:15:00
nvd
nvd
CVE-2020-8294
2021-02-03 17:15:16
hackerone
hackerone
nextcloud
nextcloud
cve
cve
CVE-2020-8294
2021-02-03 17:15:16
openvas
openvas
Nextcloud Server Multiple Vulnerabilities (NC-SA-2021-001, NC-SA-2021-002)
2021-01-28 00:00:00
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2021:0262-1)
2021-04-16 00:00:00
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2021:1068-1)
2021-07-21 00:00:00
suse
suse
Security update for nextcloud (moderate)
2021-02-11 00:00:00
Security update for nextcloud (moderate)
2021-02-08 00:00:00
Security update for nextcloud (important)
2021-07-21 00:00:00
nessus
nessus
openSUSE Security Update : nextcloud (openSUSE-2021-262)
2021-02-09 00:00:00
openSUSE 15 Security Update : nextcloud (openSUSE-SU-2021:1068-1)
2021-07-21 00:00:00